<?php
session_start();
if(defined('IZ_ACCNAME')) {
if($_SESSION['cpanel'] == 1) {
  if(!empty($_POST['setadmin'])) {
     $page = $_POST['page'];
     if($page == 'local') {
       $newlanguage = $_POST['lang'];
       $newtimeoffset = $_POST['timezone'];
       $queries = array("UPDATE settings SET setval = '$newlanguage' WHERE name = 'IZ_LANG'",
                        "UPDATE settings SET setval = '$newtimeoffset' WHERE name = 'IZ_TIMEOFFSET'");
       izsql();
       if(IZ_CALMODE == 'mysql') {
         if($_SESSION['MYSQLi']) {
           global $dblink;
           foreach($queries as $q) {
             $dblink->query($q);
           }
         } else {
           foreach($queries as $q) {
             mysql_query($q);
           }
         }
       } elseif(IZ_CALMODE == 'postgre') {
         $queries = array("UPDATE \"settings\" SET \"setval\" = '$newlanguage' WHERE \"name\" = 'IZ_LANG'",
                          "UPDATE \"settings\" SET \"setval\" = '$newtimeoffset' WHERE \"name\" = 'IZ_TIMEOFFSET'");
         foreach($queries as $q) {
           pg_query($q);
         }
       } elseif(IZ_CALMODE == 'msq') {
         foreach($queries as $q) {
           mssql_query($q);
         }
       }
       $_SESSION['IZ_LANG'] = $newlanguage;
       $newloc = 'act=admin&page=local';
     } elseif($page == 'calsetup') {
       if(empty($_POST['calendarname'])) { $newcalendarname = 'iZeit'; } else { $newcalendarname = $_POST['calendarname']; } $_SESSION['IZ_CALNAME'] = $newcalendarname;
       if($_POST['replacelogo']) { $newreplacelogo = '1'; } else { $newreplacelogo = '0'; } $_SESSION['IZ_REPLACELOGO'] = $newreplacelogo;
       $invitemode = $_POST['IZ_INVITEMODE']; 
       $_SESSION['IZ_INVITEMODE'] = $invitemode;
       $gmailacc = $_POST['IZ_GMAIL_ACC'];
       $gmailpwd = $_POST['IZ_GMAIL_PWD'];       
       $newmonthviewdaysize = $_POST['monthviewdaysize'];
       $_SESSION['IZ_MVIEWDAYSIZE'] = $newmonthviewdaysize;
       $firstday = $_POST['firstday'];
       $_SESSION['IZ_FIRSTDAY'] = $firstday;
       $newdefnumrecs = $_POST['defnumrecs'];
       $_SESSION['IZ_DEFNUMRECS'] = $newdefnumrecs;
       $newdefaultview = $_POST['defaultview'];
       $_SESSION['IZ_DEFAULTVIEW'] = $newdefaultview;
       $calurl = $_POST['calurl'];
       $_SESSION['IZ_CALURL'] = $calurl;
       $rewrite = $_POST['rewrite'];
       $_SESSION['IZ_REWRITE'] = $rewrite;
       $allowcomments = $_POST['allowcomments'];
       $_SESSION['IZ_ALLOWCOMMENTS'] = $allowcomments;
       $itemcolors = $_POST['itemcolors'];
       $_SESSION['IZ_ITEMCOLORS'] = $itemcolors;
       
       $opt_flags = 0;
       if($_POST['allowtodo']) {          $opt_flags |= OPT_TODO; }
       if($_POST['allowenddate']) {       $opt_flags |= OPT_ENDDATE; }
       if($_POST['allowattendees']) {     $opt_flags |= OPT_ATTENDEES; }
       if($_POST['allowvenue']) {         $opt_flags |= OPT_VENUE; }
       if($_POST['allowcat']) {           $opt_flags |= OPT_CATEGORY; }
       if($_POST['allowgoogle']) {        $opt_flags |= OPT_GOOGLE; }
       if($_POST['opengooglenewwindow']) {$opt_flags |= OPT_GOOGLENEWWINDOW; }
       if($_POST['allowicon']) {          $opt_flags |= OPT_ICON; }
       if($_POST['allowrecurrence']) {    $opt_flags |= OPT_RECURRENCE; }
       if($_POST['allowgoto']) {          $opt_flags |= OPT_GOTO; }
       if($_POST['allowfilters']) {       $opt_flags |= OPT_FILTERS; }
       if(($_SESSION['IZ_OPT'] & OPT_REG) != 0) {
         $opt_flags |= OPT_REG;
       }
       $_SESSION['IZ_OPT'] = $opt_flags;

       $nv_flags = 0;
       if($_POST['allowcust']) {          $nv_flags |= NV_SETTINGS; }
       if($_POST['allowevmgr']) {         $nv_flags |= NV_EVMGR; }
       if($_POST['allowrss']) {           $nv_flags |= NV_RSS; }
       if($_POST['allowical']) {          $nv_flags |= NV_ICAL; }
       if($_POST['allowreports']) {       $nv_flags |= NV_REPORTS; }
       if($_POST['allowsearch']) {        $nv_flags |= NV_SEARCH; }
       if($_POST['allowprint']) {         $nv_flags |= NV_PRINT; }
       if($_POST['allowhelp']) {          $nv_flags |= NV_HELP; }
       if($_POST['allowviewday']) {       $nv_flags |= NV_DAY; }
       if($_POST['allowviewweek']) {      $nv_flags |= NV_WEEK; }
       if($_POST['allowviewmonth']) {     $nv_flags |= NV_MONTH; }
       if($_POST['allowviewextmonth']) {  $nv_flags |= NV_EXTMONTH; }
       if($_POST['allowviewyear']) {      $nv_flags |= NV_YEAR; }
       $_SESSION['IZ_NV'] = $nv_flags;

       if($_POST['cust1on'] == 'on') {    $cust1 = $_POST['cust1']; } else { $cust1 = 'none'; } $_SESSION['cust1'] = $cust1;
       if($_POST['cust2on'] == 'on') {    $cust2 = $_POST['cust2']; } else { $cust2 = 'none'; } $_SESSION['cust2'] = $cust2;
       if($_POST['cust3on'] == 'on') {    $cust3 = $_POST['cust3']; } else { $cust3 = 'none'; } $_SESSION['cust3'] = $cust3;
       izsql();
       $queries = array("UPDATE settings SET setval = '$newcalendarname' WHERE name = 'IZ_CALNAME'",
         "UPDATE settings SET setval = '$newreplacelogo' WHERE name = 'IZ_REPLACELOGO'",
         "UPDATE settings SET setval = '$newmonthviewdaysize' WHERE name = 'IZ_MVIEWDAYSIZE'",
         "UPDATE users SET daysize = '$newmonthviewdaysize' WHERE name = 'everyone'",
         "UPDATE settings SET setval = '$firstday' WHERE name = 'IZ_FIRSTDAY'",
         "UPDATE users SET firstdayofweek = '$firstday' WHERE name = 'everyone'", 
         "UPDATE settings SET setval = '$invitemode' WHERE name = 'IZ_INVITEMODE'",
         "UPDATE settings SET setval = '$gmailacc' WHERE name = 'IZ_GMAIL_ACC'",
         "UPDATE settings SET setval = '$gmailpwd' WHERE name = 'IZ_GMAIL_PWD'",
         "UPDATE settings SET setval = '$newdefnumrecs' WHERE name = 'IZ_DEFNUMRECS'",
         "UPDATE settings SET setval = '$newdefaultview' WHERE name = 'IZ_DEFAULTVIEW'",
         "UPDATE settings SET setval = '$rewrite' WHERE name = 'IZ_REWRITE'",
         "UPDATE settings SET setval = '$calurl' WHERE name = 'IZ_CALURL'",
         "UPDATE settings SET setval = '$opt_flags' WHERE name = 'IZ_OPT'",
         "UPDATE settings SET setval = '$nv_flags' WHERE name = 'IZ_NV'",
         "UPDATE settings SET setval = '$allowcomments' WHERE name = 'IZ_ALLOWCOMMENTS'",
         "UPDATE settings SET setval = '$itemcolors' WHERE name = 'IZ_ITEMCOLORS'",
         "UPDATE settings SET setval = '$cust1' WHERE name = 'cust1'",
         "UPDATE settings SET setval = '$cust2' WHERE name = 'cust2'",
         "UPDATE settings SET setval = '$cust3' WHERE name = 'cust3'");
         $_SESSION['IZ_ITEMCOLORS'] = $itemcolors;
         writecsscolours();
       if(IZ_CALMODE == 'mysql') {
         if($_SESSION['MYSQLi']) {
           global $dblink;
           foreach($queries as $q) {
             $dblink->query($q);
           }
         } else {
           foreach($queries as $q) {
             mysql_query($q);
           }
         }
       } elseif(IZ_CALMODE == 'postgre') {
         foreach($queries as $q) {
           pg_query($q);
         }
       } elseif(IZ_CALMODE == 'msq') {
         foreach($queries as $q) {
           mssql_query($q);
         }
       }
       $newloc = 'act=admin&page=calsetup';
//       $logout = true;
     } elseif($page == 'themes') {
         $theme = $_POST['theme'];
         $_SESSION['IZ_CURTHEME'] = $theme;
         $user->savecustomisation();
         if($_POST['pagebg'] != "") { $pagebg = $_POST['pagebg']; } else { $pagebg = ''; }
         if($_POST['calbg'] != "") { $calbg = $_POST['calbg']; } else { $calbg = ''; }
         if($_POST['occbg'] != "") { $occbg = $_POST['occbg']; } else { $occbg = ''; }
         if($_POST['occtext'] != "") { $occtext = $_POST['occtext']; } else { $occtext = ''; }
         if($_POST['blankbg'] != "") { $blankbg = $_POST['blankbg']; } else { $blankbg = ''; }
         if($_POST['blanktext'] != "") { $blanktext = $_POST['blanktext']; } else { $blanktext = ''; }
         if($_POST['todaybg'] != "") { $todaybg = $_POST['todaybg']; } else { $todaybg = ''; }
         if($_POST['todaytext'] != "") { $todaytext = $_POST['todaytext']; } else { $todaytext = ''; }
         if($_POST['fillerdays'] != "") { $fillerdays = $_POST['fillerdays']; } else { $fillerdays = ''; }
         if($_POST['calwrappertext'] != "") { $calwrappertext = $_POST['calwrappertext']; } else { $calwrappertext = ''; }
         if($_POST['boxbg'] != "") { $boxbg = $_POST['boxbg']; } else { $boxbg = ''; }
         if($_POST['boxtext'] != "") { $boxtext = $_POST['boxtext']; } else { $boxtext = ''; }
         if($_POST['othertext'] != "") { $othertext = $_POST['othertext']; } else { $othertext = ''; }
         izsql();
         $queries = array("UPDATE settings SET setval = '$theme' WHERE name = 'IZ_CURTHEME'",
           "UPDATE users SET theme = '$theme' WHERE name = 'everyone'",
           "UPDATE settings SET setval = '$pagebg' WHERE name = 'cust_pagebg'",
           "UPDATE settings SET setval = '$calbg' WHERE name = 'cust_calbg'",
           "UPDATE settings SET setval = '$occbg' WHERE name = 'cust_occbg'",
           "UPDATE settings SET setval = '$occtext' WHERE name = 'cust_occtext'",
           "UPDATE settings SET setval = '$blankbg' WHERE name = 'cust_blankbg'",
           "UPDATE settings SET setval = '$blanktext' WHERE name = 'cust_blanktext'",
           "UPDATE settings SET setval = '$todaybg' WHERE name = 'cust_todaybg'",
           "UPDATE settings SET setval = '$todaytext' WHERE name = 'cust_todaytext'",
           "UPDATE settings SET setval = '$fillerdays' WHERE name = 'cust_fillerdays'",
           "UPDATE settings SET setval = '$calwrappertext' WHERE name = 'cust_calwrappertext'",
           "UPDATE settings SET setval = '$boxbg' WHERE name = 'cust_boxbg'",
           "UPDATE settings SET setval = '$boxtext' WHERE name = 'cust_boxtext'",
           "UPDATE settings SET setval = '$othertext' WHERE name = 'cust_othertext'");
         if(IZ_CALMODE == 'mysql') {
           if($_SESSION['MYSQLi']) {
             global $dblink;
             foreach($queries as $q) {
               $dblink->query($q);
             }
           } else {
             foreach($queries as $q) {
               mysql_query($q);
             }
           }
         } elseif(IZ_CALMODE == 'postgre') {
           $queries = array("UPDATE \"settings\" SET setval = '$theme' WHERE \"name\" = 'IZ_CURTHEME'",
             "UPDATE users SET theme = '$theme' WHERE \"name\" = 'everyone'",
             "UPDATE \"settings\" SET setval = '$pagebg' WHERE \"name\" = 'cust_pagebg'",
             "UPDATE \"settings\" SET setval = '$calbg' WHERE \"name\" = 'cust_calbg'",
             "UPDATE \"settings\" SET setval = '$occbg' WHERE \"name\" = 'cust_occbg'",
             "UPDATE \"settings\" SET setval = '$occtext' WHERE \"name\" = 'cust_occtext'",
             "UPDATE \"settings\" SET setval = '$blankbg' WHERE \"name\" = 'cust_blankbg'",
             "UPDATE \"settings\" SET setval = '$blanktext' WHERE \"name\" = 'cust_blanktext'",
             "UPDATE \"settings\" SET setval = '$todaybg' WHERE \"name\" = 'cust_todaybg'",
             "UPDATE \"settings\" SET setval = '$todaytext' WHERE \"name\" = 'cust_todaytext'",
             "UPDATE \"settings\" SET setval = '$fillerdays' WHERE \"name\" = 'cust_fillerdays'",
             "UPDATE \"settings\" SET setval = '$calwrappertext' WHERE \"name\" = 'cust_calwrappertext'",
             "UPDATE \"settings\" SET setval = '$boxbg' WHERE \"name\" = 'cust_boxbg'",
             "UPDATE \"settings\" SET setval = '$boxtext' WHERE \"name\" = 'cust_boxtext'",
             "UPDATE \"settings\" SET setval = '$othertext' WHERE \"name\" = 'cust_othertext'");
           foreach($queries as $q) {
             pg_query($q);
           }
         } elseif(IZ_CALMODE == 'msq') {
           foreach($queries as $q) {
             mssql_query($q);
           }
         }
       $newloc = 'act=admin&page=themes';
     } elseif($page == 'users') {
         if($_POST['adduser'] == 'adduser') {
             add_user();
         } elseif($_POST['saveusers'] == 'saveusers') {
             save_users();
         } elseif(!empty($_POST['deluser'])) {
             del_user($_POST['deluser']);
         } elseif($_POST['addgroup'] == 'addgroup') {
             add_group();
         } elseif($_POST['savegroups'] == 'savegroups') {
             save_groups();
         } elseif(!empty($_POST['delgroup'])) {
             del_group($_POST['delgroup']);
         } elseif($_POST['saveregsettings'] == 'saveregsettings') {
           $opt_flags = $_SESSION['IZ_OPT'];
           if($_POST['allowreg']) {
             $opt_flags |= OPT_REG;
           } else {
             $opt_flags &= ~OPT_REG;
           }
           izsql();
           $_SESSION['IZ_OPT'] = $opt_flags;
           if(IZ_CALMODE == 'mysql') {
             if($_SESSION['MYSQLi']) {
               global $dblink;
               $dblink->query("UPDATE settings SET setval = '$opt_flags' WHERE name = 'IZ_OPT'");
               $dblink->query(sprintf("UPDATE settings SET setval = '%s' WHERE name = 'IZ_DEFAULTGROUP'",
                   $dblink->real_escape_string($_POST['defaultgroup'])));
             } else {
               mysql_query("UPDATE settings SET setval = '$opt_flags' WHERE name = 'IZ_OPT'");
               mysql_query(sprintf("UPDATE settings SET setval = '%s' WHERE name = 'IZ_DEFAULTGROUP'",
                   mysql_real_escape_string($_POST['defaultgroup'])));
             }
           } elseif(IZ_CALMODE == 'postgre') {
             pg_query("UPDATE \"settings\" SET setval = '$opt_flags' WHERE \"name\" = 'IZ_OPT'");
             pg_query(sprintf("UPDATE \"settings\" SET setval = '%s' WHERE \"name\" = 'IZ_DEFAULTGROUP'",
                 pg_escape_string($_POST['defaultgroup'])));
           } elseif(IZ_CALMODE == 'msq') {
             mssql_query("UPDATE settings SET setval = '$opt_flags' WHERE name = 'IZ_OPT'");
             mssql_query(sprintf("UPDATE settings SET setval = '%s' WHERE name = 'IZ_DEFAULTGROUP'",
                 mssql_escape_string($_POST['defaultgroup'])));
           }
         }
       $newloc = 'act=admin&page=users';
     } elseif($page == 'backup') {
       if($_POST['setadmin'] == 'Backup') {
         dumpdb('file');
         die();
       } elseif($_POST['setadmin'] == 'Restore2') {
         if($_POST['cleardb']) {
           $cleardb = true;
         }
         izsql();
         if(IZ_CALMODE == 'mysql') {
           if($_SESSION['MYSQLi']) {
             global $dblink;
             if(!empty($_SESSION['fcomments'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM comments');
               }
               $dblink->query("INSERT IGNORE INTO comments (id,postid,author,posted,text) VALUES ('".implode("'), ('",$_SESSION['fcomments'])."')");
             }
             if(!empty($_SESSION['fevents'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM events');
               }
               $dblink->query("INSERT IGNORE INTO events (id,category,eventstart,eventend,title,description,venue,linkgoogle,allday,instanceof,status,author,cust1,cust2,cust3,attendees,comments,icon) VALUES ('".implode("'), ('",$_SESSION['fevents'])."')");
             }
             if(!empty($_SESSION['ftodo'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM tasks');
               }
               $dblink->query("INSERT IGNORE INTO tasks (id,category,created,due,title,description,author,complete,cust1,cust2,cust3,comments,status,icon) VALUES ('".implode("'), ('",$_SESSION['ftodo'])."')");
             }
             if(!empty($_SESSION['fsettings'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM settings');
               }
               $dblink->query("INSERT IGNORE INTO settings (name,setval) VALUES ('".implode("'), ('",$_SESSION['fsettings'])."')");
//echo "INSERT IGNORE INTO settings (name,setval) VALUES ('".implode("'), ('",$_SESSION['fsettings'])."')";
             }
             if(!empty($_SESSION['fusers'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM users');
               }
               $dblink->query("INSERT IGNORE INTO users (id,name,usergroup,password,language,daysize,firstdayofweek,theme,defaultstatus,showall,dateformat,defaultcategoryevents,defaultcategorytasks,pageafter,fontsize,collapsestatus,color,viewdetails,includecomplete) VALUES ('".implode("'), ('",$_SESSION['fusers'])."')");
             }
             if(!empty($_SESSION['fgroups'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM groups');
               }
               $dblink->query("INSERT IGNORE INTO groups (id,name,view,edit,`delete`,cpanel,customise,comment) VALUES ('".implode("'), ('",$_SESSION['fgroups'])."')");
             }
             if(!empty($_SESSION['fcats'])) {
               if($cleardb) {
                 $dblink->query('DELETE FROM categories');
               }
               foreach($_SESSION['fcats'] as $type => $config) {
                 foreach($config as $line) {
                   list($id,$name,$owner,$public,$color)  = explode('__X__',$line);
                   $dblink->query("INSERT IGNORE INTO `categories` (`id`,`name`,`owner`,`type`,`public`,`color`) VALUES ('$id','$name','$owner','$type','$public','$color');");
                 }
               }
             }
           } else {
             if(!empty($_SESSION['fusers'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM users');
               }
               mysql_query("INSERT IGNORE INTO users (id,name,usergroup,password,language,daysize,firstdayofweek,theme,defaultstatus,showall,dateformat,defaultcategoryevents,defaultcategorytasks,pageafter,fontsize,collapsestatus,color,viewdetails,includecomplete) VALUES ('".implode("'), ('",$_SESSION['fusers'])."')");
             }
             if(!empty($_SESSION['fgroups'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM groups');
               }
               mysql_query("INSERT IGNORE INTO groups (id,name,view,edit,`delete`,cpanel,customise,comment) VALUES ('".implode("'), ('",$_SESSION['fgroups'])."')");
             }
             if(!empty($_SESSION['fcomments'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM comments');
               }
               mysql_query("INSERT IGNORE INTO comments (id,postid,author,posted,text) VALUES ('".implode("'), ('",$_SESSION['fcomments'])."')");
             }
             if(!empty($_SESSION['fevents'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM events');
               }
               mysql_query("INSERT IGNORE INTO events (id,category,eventstart,eventend,title,description,venue,linkgoogle,allday,instanceof,status,author,cust1,cust2,cust3,attendees,comments,icon) VALUES ('".implode("'), ('",$_SESSION['fevents'])."')");
             }
             if(!empty($_SESSION['ftodo'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM tasks');
               }
               mysql_query("INSERT IGNORE INTO tasks (id,category,created,due,title,description,author,complete,cust1,cust2,cust3,comments,status) VALUES ('".implode("'), ('",$_SESSION['ftodo'])."')");
             }
             if(!empty($_SESSION['fsettings'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM settings');
               }
               mysql_query("INSERT IGNORE INTO settings (name,setval) VALUES ('".implode("'), ('",$_SESSION['fsettings'])."')");
             }
             if(!empty($_SESSION['fcats'])) {
               if($cleardb) {
                 mysql_query('DELETE FROM `categories`');
               }
               foreach($_SESSION['fcats'] as $type => $config) {
                 foreach($config as $line) {
                   list($id,$name,$owner,$public,$color)  = explode('__X__',$line);
                   mysql_query("INSERT IGNORE INTO `categories` (`id`,`name`,`owner`,`type`,`public`,`color`) VALUES ('$id','$name','$owner','$type','$public','$color');");
                 }
               }
             }
           }
        } elseif(IZ_CALMODE == 'postgre') {
          if(!empty($_SESSION['fcomments'])) {
            if($cleardb) {
              pg_query('DELETE FROM "comments"');
            }
            pg_query('INSERT INTO "comments" ("id","postid","author","posted","text") VALUES (\''.implode("'), ('",$_SESSION['fcomments'])."')");
          }
          if(!empty($_SESSION['fevents'])) {
            if($cleardb) {
              pg_query('DELETE FROM "events"');
            }
            pg_query('INSERT INTO "events" ("id","category","eventstart","eventend","title","description","venue","linkgoogle","allday","instanceof","status","author","cust1","cust2","cust3","attendees","comments","icon") VALUES (\''.implode("'), ('",$_SESSION['fevents'])."')");
          }
          if(!empty($_SESSION['ftodo'])) {
            if($cleardb) {
              pg_query('DELETE FROM "tasks"');
            }
            pg_query('INSERT INTO "tasks" ("id","category","created","due","title","description","author","complete","cust1","cust2","cust3","comments","status") VALUES (\''.implode("'), ('",$_SESSION['ftodo'])."')");
          }
          if(!empty($_SESSION['fsettings'])) {
            if($cleardb) {
              pg_query('DELETE FROM "settings"');
            }
            pg_query('INSERT INTO "settings" ("name","setval") VALUES (\''.implode("'), ('",$_SESSION['fsettings'])."')");
          }
          if(!empty($_SESSION['fusers'])) {
             if($cleardb) {
               pg_query('DELETE FROM "users"');
             }
             pg_query("INSERT INTO \"users\" (\"id\",\"name\",\"usergroup\",\"password\",\"language\",\"daysize\",\"firstdayofweek\",\"theme\",\"defaultstatus\",\"showall\",\"dateformat\",\"defaultcategoryevents\",\"defaultcategorytasks\",\"pageafter\",\"fontsize\",\"collapsestatus\",\"color\",\"viewdetails\",\"includecomplete\") VALUES ('".implode("'), ('",$_SESSION['fusers'])."')");
           }
           if(!empty($_SESSION['fgroups'])) {
             if($cleardb) {
               pg_query('DELETE FROM "groups"');
             }
             pg_query('INSERT INTO "groups" ("id","name","view","edit","delete","cpanel","customise","comment") VALUES (\''.implode("'), ('",$_SESSION['fgroups'])."')");
           }
           if(!empty($_SESSION['fcats'])) {
             if($cleardb) {
               pg_query('DELETE FROM "categories"');
             }
             foreach($_SESSION['fcats'] as $type => $config) {
               foreach($config as $line) {
                 list($id,$name,$owner,$public,$color)  = explode('__X__',$line);
                 pg_query("INSERT INTO \"categories\" (\"id\",\"name\",\"owner\",\"type\",\"public\",\"color\") VALUES ('$id','$name','$owner','$type','$public','$color');");
               }
             }
           }
         } elseif(IZ_CALMODE == 'msq') {
           if(!empty($_SESSION['fsettings'])) {
             if($cleardb) {
               mssql_query('DELETE FROM settings');
             }
             mssql_query("INSERT INTO settings (name,setval) SELECT '".implode("' UNION ALL SELECT '",$_SESSION['fsettings'])."'");
           }
           if(!empty($_SESSION['fusers'])) {
             if($cleardb) {
               mssql_query('DELETE FROM users');
             }
             mssql_query("INSERT INTO users (id,name,usergroup,password,[language],daysize,firstdayofweek,theme,defaultstatus,showall,dateformat,defaultcategoryevents,defaultcategorytasks,pageafter,fontsize,collapsestatus,color,viewdetails,includecomplete) SELECT '".implode("' UNION ALL SELECT '",$_SESSION['fusers'])."'");
           }
           if(!empty($_SESSION['fgroups'])) {
             if($cleardb) {
               mssql_query('DELETE FROM groups');
             }
             mssql_query("INSERT INTO groups (id,name,[view],edit,[delete],cpanel,customise,comment) SELECT '".implode("' UNION ALL SELECT '",$_SESSION['fgroups'])."'");
           }
           if(!empty($_SESSION['fcats'])) {
             if($cleardb) {
               mssql_query('DELETE FROM categories');
             }
             foreach($_SESSION['fcats'] as $type => $config) {
               foreach($config as $line) {
                 list($id,$name,$owner,$public,$color)  = explode('__X__',$line);
                 mssql_query("INSERT INTO categories (id,name,owner,[type],[public],color) VALUES ('$id','$name','$owner','$type','$public','$color');");
               }
             }
           }
           if(!empty($_SESSION['fcomments'])) {
            if($cleardb) {
              mssql_query('DELETE FROM comments');
            }
            mssql_query("INSERT INTO comments (id,postid,author,posted,text) SELECT '".implode("', ' UNION ALL SELECT '",$_SESSION['fcomments'])."'");
          }
          if(!empty($_SESSION['fevents'])) {
            if($cleardb) {
              mssql_query('DELETE FROM events');
            }
            mssql_query("INSERT INTO events (id,category,eventstart,eventend,title,description,venue,linkgoogle,allday,instanceof,status,author,cust1,cust2,cust3,attendees,comments,icon) SELECT '".implode("' UNION ALL SELECT '",$_SESSION['fevents'])."'");
          }
          if(!empty($_SESSION['ftodo'])) {
            if($cleardb) {
              mssql_query('DELETE FROM tasks');
            }
            mssql_query("INSERT INTO tasks (id,category,created,due,title,description,author,complete,cust1,cust2,cust3,comments) SELECT '".implode("' UNION ALL SELECT '",$_SESSION['ftodo'])."'");
          }
         }
         writecsscolours();
       }
//echo "\n\n",$settingsqry,"\n\n",$userqry,"\n\n",$groupqry,"\n\n",$todoqry,"\n\n",$eventqry,"\n\n",$commentqry,"\n\n";
     } elseif($page == 'system') {
       $calmode = $_POST['calmode'];
       $newdbhost = $_POST['dbhost'];
       $newdbuser = $_POST['dbuser'];
       if($_POST['dbpass'] != "") {$newdbpass = $_POST['dbpass']; }
       $newdbdatabase = $_POST['dbdatabase'];
       if($calmode == 'mysql') {
         if($_SESSION['MYSQLi']) {
           global $dblink;
           $newdblink = mysqli_connect($newdbhost,$newdbuser,$newdbpass,$newdbdatabase);
           if(mysqli_connect_errno()) {
             $error .= '<p><span>&#35;15&#58; '.ERR_DBCONNECTFAIL.'&#58;<br />'.mysql_error().'</span></p>';
           }
         } else {
           $newdblink = @mysql_connect($newdbhost, $newdbuser , $newdbpass);
           @mysql_select_db($newdbdatabase, $newdblink) or $error .= '<p><span>&#35;15&#58; '.ERR_DBCONNECTFAIL.'&#58;<br />'.mysql_error().'</span></p>';
         }
       } elseif($calmode == 'postgre') {
         $newdblink = @pg_connect("host=$newdbhost dbname=$newdbdatabase user=$newdbuser password=$newdbpass") or $error .= '<p><strong>'.ERR_DBCONNECTFAIL.'</strong>&#58;<br />'.pg_last_error().'</p>';
       } elseif($calmode == 'msq') {
         $newdblink = mssql_connect($newdbhost, $newdbuser, $newdbpass);
         mssql_select_db($newdbdatabase, $newdblink) or $error .= '<p><span>&#35;154&#58; '.ERR_DBCONNECTFAIL.'&#58;<br /> '.mssql_get_last_message().'</span></p>';
       }
       dumpdb('disk');
       izsql();
       if(IZ_CALMODE == 'mysql') {
         if($_SESSION['MYSQLi']) {
           global $dblink;
           $currentuserqry = $dblink->query("SELECT `password`, `language` FROM `users` WHERE `name` = '$adminuser'");
           $currentuser = $currentuserqry->fetch_object($currentuserqry);
           $currentuserqry->close();
         } else {
           $currentuserqry = mysql_query("SELECT `password`, `language` FROM `users` WHERE `name` = '$adminuser'");
           $currentuser = mysql_fetch_object($currentuserqry);
         }
       } elseif(IZ_CALMODE == 'postgre') {
         $currentuserqry = pg_query("SELECT \"password\",\"language\" FROM \"users\" WHERE \"name\" = '$adminuser'");
         $currentuser = pg_fetch_object($currentuserqry);
       } elseif(IZ_CALMODE == 'msq') {
         $currentuserqry = mssql_query("SELECT password,language FROM users WHERE name = '$adminuser'");
         $currentuser = mssql_fetch_object($currentuserqry);
       }
       $md5pass = $currentuser->password;
       $lang = $currentuser->language;
       $adminuser = $_SESSION['uname'];
       $calmode = $_POST['calmode'];
       $calurl = $_SESSION['IZ_CALURL'];
       $calendarname = $_SESSION['IZ_CALNAME'];
       $dropqry = "DROP TABLE categories,comments,events,settings,tasks,groups,users";
       if($calmode == 'mysql') {
         if($_SESSION['MYSQLi']) {
           global $dblink;
           $dblink->query($dropqry);
         } else {
           @mysql_query($dropqry);
         }
       } elseif($calmode == 'postgre') {
         $dropqry = "DROP TABLE \"categories\",\"comments\",\"events\",\"settings\",\"tasks\",\"groups\",\"users\"";
         @pg_query($dropqry);
       } elseif($calmode == 'msq') {
         @mssql_query($dropqry);
       }
       include($_SESSION['IZ_CALPATH'].'includes/sql.php');
       if(!$error) {
         $sfile = @fopen($_SESSION['IZ_CALPATH']."includes/data/settings.php", "w");
         if($sfile) {
           $write = '<?php'."\n"
                   .'define("IZ_CALMODE","'.$calmode.'");'."\n"
                   .'$dbhost = "'.$dbhost.'";'."\n"
                   .'$dbuser = "'.$dbuser.'";'."\n"
                   .'$dbpass = "'.$dbpass.'";'."\n"
                   .'$dbdatabase = "'.$dbdatabase.'";'."\n"
                   .'define(\'IZ_SALT\',\''.$izsalt.'\');'."\n"
                   .'?>';
           fwrite($sfile, $write);
           fclose($sfile);
           $_SESSION = array();
           header("Location: ".$_SESSION['IZ_CALURL']); //logout
         } else {
            $error .= '<p><span style="color: #ff0000; font-weight: bold;">&#35;23&#58; '.ERR_WRITEFILE.'</span></p>';
         }
       }
       $newloc = 'act=admin&page=system';
     }
  }
}
if(isset($_REQUEST['events'])) {
   $act = $_REQUEST['act'];
   if($act == 'addevent') {
     addevent();
   } elseif($act == 'editevent') {
     if(isset($_REQUEST['store'])) {
       edit_event();
     } elseif(isset($_REQUEST['saveseries'])) {
       saveseries();
     } elseif(isset($_REQUEST['delseries'])) {
       if($_SESSION['delete'] > 0) {
         delseries($_REQUEST['id'],$_REQUEST['instanceof']);
       }
     } elseif(isset($_REQUEST['delevent'])) {
       $event = new event(new eventres($_REQUEST['id'],'','','','','','','','','','','','','','','',''));
       $event->getdetails();
       if(($_SESSION['delete'] == 1 && (strtolower($event->author) == strtolower($_SESSION['uname']) || (strtolower($event->author) == 'everyone'))) || ($_SESSION['delete'] == 2)) {
         $event->delete();
       } else {
         echo '<span>&#35;163&#58; ',ERR_NOPERMISSION,'</span><br />';         
       }
     }
   } elseif(isset($_POST['masssave'])) {
        masssave();
        $newloc = 'events=1&act=manage&view=list';
   } elseif($_POST['mass'] == 'delete') {
        massdelete();
   }
} elseif(isset($_REQUEST['todo'])) {
  if($_POST['todo'] == 'add') {
    addtodo();
  } elseif($_REQUEST['act'] == 'submitedittodo') {
    edittodo();    
  } elseif(isset($_REQUEST['deltodo'])) {
    deltodo();
  }
} elseif(isset($_POST['categories'])) {
   if($_POST['categories'] == 'addcat') {
     $id = gen_id();
     $catname = $_POST['catname'];
     if(isset($_POST['addcatevent'])) {
       $type = 'event';
     } elseif(isset($_POST['addcattodo'])) {
       $type = 'task';
     }
     $color = $_POST['catcolor'];
     add_category($id,$catname,$type,$color);
   } elseif($_POST['categories'] == 'savecats') {
     izsql();
     $csql = 'SELECT * FROM categories ORDER BY name ASC';
     if($_POST['cattype'] == 'task') {
       $aryname = 'todo';
     } else {
       $aryname = 'event';
     }
     if(IZ_CALMODE == 'mysql') {
       if($_SESSION['MYSQLi']) {
         global $dblink;
         $cqry = $dblink->query($csql);
         while($cats = $cqry->fetch_object()) {
           if((isset($_POST[$cats->id])) && ((strtolower($_SESSION['uname']) == $cats->owner) || ($_SESSION['cpanel'] == 1))) {
             $newname = clean($_POST[$cats->id]);
             $public = intval($_POST[$cats->id.'status']);
             $color = $dblink->real_escape_string($_POST[$cats->id.'-color']);
             $nqry = "UPDATE categories SET name = '$newname', public = '$public', color = '$color' WHERE id = '$cats->id' AND type = '".$_POST['cattype']."'";
             $dblink->query($nqry);
             $_SESSION[$aryname.'cats'][$cats->id]->public = $public;
           }
         }
         $cqry->close();
       } else {
         $cqry = mysql_query($csql);
         while($cats = mysql_fetch_object($cqry)) {
           if((isset($_POST[$cats->id])) && ((strtolower($_SESSION['uname']) == $cats->owner) || ($_SESSION['cpanel'] == 1))) {
             $newname = clean($_POST[$cats->id]);
             $public = intval($_POST[$cats->id.'status']);
             $color = mysql_real_escape_string($_POST[$cats->id.'-color']);
             $nqry = "UPDATE categories SET name = '$newname', public = '$public', color = '$color' WHERE id = '$cats->id' AND type = '".$_POST['cattype']."'";
             mysql_query($nqry);
             $_SESSION[$aryname.'cats'][$cats->id]['Public'] = $public;
           }
         }
       }
     } elseif(IZ_CALMODE == 'postgre') {
       $csql = 'SELECT * FROM \"categories\" ORDER BY \"name\" ASC';
       $cqry = pg_query($csql);
       while($cats = pg_fetch_object($cqry)) {
         if((isset($_POST[$cats->id])) && ((strtolower($_SESSION['uname']) == $cats->owner) || ($_SESSION['cpanel'] == 1))) {
           $newname = clean($_POST[$cats->id]);
           $public = intval($_POST[$cats->id.'status']);
           $color = pg_escape_string($_POST[$cats->id.'-color']);
           $nqry = "UPDATE categories SET name = '$newname', public = '$public', color = '$color' WHERE WHERE id = '$cats->id' AND type = '".$_POST['cattype']."'";
           pg_query($nqry);
           $_SESSION[$aryname.'cats'][$cats->id]['Public'] = $public;
         }
       }
     } elseif(IZ_CALMODE == 'msq') {
       $cqry = mssql_query($csql);
       while($cats = mssql_fetch_object($cqry)) {
         if((isset($_POST[$cats->id])) && ((strtolower($_SESSION['uname']) == $cats->owner) || ($_SESSION['cpanel'] == 1))) {
           $newname = clean($_POST[$cats->id]);
           $public = intval($_POST[$cats->id.'status']);
           $color = mssql_escape_string($_POST[$cats->id.'-color']);
           $nqry = "UPDATE categories SET name = '$newname', [public] = '$public', color = '$color' WHERE WHERE id = '$cats->id' AND [type] = '".$_POST['cattype']."'";
           mssql_query($nqry);
           $_SESSION[$aryname.'cats'][$cats->id]['Public'] = $public;
         }
       }
     }
     writecsscolours();
     $numqs++;
   } elseif($_POST['categories'] == 'delcat') {
     delcategory();
   } elseif($_POST['categories'] == 'savedefault') {
     $defaultevent = $_POST['defaultevent'];
     $defaulttodo = $_POST['defaulttodo'];
     $_SESSION['defaultcategoryevents'] = $_POST['defaultevent'];
     $_SESSION['defaultcategorytasks'] = $_POST['defaulttodo'];
     izsql();
     $nqry = "UPDATE users SET defaultcategoryevents = '%s', defaultcategorytasks = '%s' WHERE name = '%s'";
     if(IZ_CALMODE == 'mysql') {
       if($_SESSION['MYSQLi']) {
         global $dblink;
         $dblink->query(sprintf($nqry,
           $dblink->real_escape_string($defaultevent),
           $dblink->real_escape_string($defaulttodo),
           $_SESSION['uname']
         ));
       } else {
         mysql_query(sprintf($nqry,
           mysql_real_escape_string($defaultevent),
           mysql_real_escape_string($defaulttodo),
           $_SESSION['uname']
         ));
       }
     } elseif(IZ_CALMODE == 'postgre') {
       $nqry = "UPDATE \"users\" SET \"defaultcategoryevents\" = '%s', \"defaultcategorytasks\" = '%s' WHERE \"name\" = '%s'";
       pg_query(sprintf($nqry,
         pg_escape_string($defaultevent),
         pg_escape_string($defaulttodo),
         $_SESSION['uname']
       ));
     } elseif(IZ_CALMODE == 'msq') {
       mssql_query(sprintf($nqry,
         mssql_escape_string($defaultevent),
         mssql_escape_string($defaulttodo),
         $_SESSION['uname']
       ));
     }
     $numqs++;
   }
} elseif(isset($_POST['comments'])) {
  switch($_POST['comments']) {
    case "add":
      $itemid = $_POST['itemid'];
      $author = $_POST['author'];
      $commenttext = $_POST['commenttext'];
      $comment = new comment('',$itemid,$author,$commenttext);
//var_dump($comment);
      if($comment->insert() == false) {
        echo iz_error('&#35;746&#58; '.ERR_FILEOPEN);
        return;
      }
      break;
    case "delete":
    // delete handled by ajax...
      break;
  }
} else {
  switch($_POST['act']) {
    case 'importical':
      if(empty($_FILES['icsfile']['error'])) {
        importical($_FILES['icsfile']['tmp_name']);
      } else {
        $error = $_FILES['icsfile']['error'];
      }
      break;
    case 'submitreg':
      if(($_SESSION['IZ_OPT'] & OPT_REG) != 0) {
        $name = clean($_POST['username']);
        if(empty($_POST['colour'])) {
          $colour = 'default';
        } else {
          $colour = $_POST['colour'];
        }
        if($_POST['pass'] == $_POST['confpass']) {
          $pass = saltpassword($_POST['pass']);
        } else {
          $error .= '<p>'.ERR_ERRORTEXT.' &#35;614&#58; '.ERR_CONFIRMPASSFAIL.'</p>';
        }
        if(empty($name)) {
          $error .= '<p>'.ERR_ERRORTEXT.' &#35;615&#58; '.ERR_COMMENTAUTHOR.'</p>';
        } else {
          izsql();
          if(IZ_CALMODE == 'mysql') {
            if($_SESSION['MYSQLi']) {
              global $dblink;
              $username = $dblink->real_escape_string($name);
              $checkname = $dblink->query("SELECT * FROM users WHERE name = '$username'");
              $utaken = $checkname->num_rows;
              $checkname->close();
            } else {
              $username = mysql_real_escape_string($name);
              $checkname = mysql_query("SELECT * FROM users WHERE name = '$username'");
              $utaken = mysql_num_rows($checkname);
            }
          } elseif(IZ_CALMODE == 'postgre') {
            $username = pg_escape_string($name);
            $checkname = pg_query("SELECT * FROM \"users\" WHERE \"name\" = '$username'");
            $utaken = pg_num_rows($checkname);
          } elseif(IZ_CALMODE == 'msq') {
            $username = mssql_escape_string($name);
            $checkname = mssql_query("SELECT * FROM users WHERE name = '$username'");
            $utaken = mssql_num_rows($checkname);
          }
          if($utaken != 0) {
            $error .= '<p>'.ERR_ERRORTEXT.' &#35;617&#58; '.ERR_USERNAMEEXISTS.'</p>';
          } else {
            if(IZ_CALMODE == 'mysql') {
              if($_SESSION['MYSQLi']) {
                global $dblink;
                $dblink->query(sprintf("INSERT INTO users (id,name,password,usergroup,language,daysize,firstdayofweek,theme,defaultstatus,showall,dateformat,defaultcategoryevents,defaultcategorytasks,pageafter,fontsize,collapsestatus,color,viewdetails,includecomplete) VALUES (
                       '%s','%s','%s','%s','%s','%s','%s','%s','Public','1','d-m-y','%s','%s','30','medium','1-1-1','%s','1','%s')",
                       gen_id(),
                       $username,
                       $dblink->real_escape_string($pass),
                       $_SESSION['IZ_DEFAULTGROUP'],
                       $_SESSION['IZ_LANG'],
                       $_SESSION['IZ_MVIEWDAYSIZE'],
                       $_SESSION['IZ_FIRSTDAY'],
                       $_SESSION['IZ_CURTHEME'],
                       $_SESSION['defaultcategoryevents'],
                       $_SESSION['defaultcategorytasks'],
                       $dblink->real_escape_string($colour),
                       $_SESSION['completedtodos']
                ));
              } else {
                mysql_query(sprintf("INSERT INTO users (id,name,password,usergroup,language,daysize,firstdayofweek,theme,defaultstatus,showall,dateformat,defaultcategoryevents,defaultcategorytasks,pageafter,fontsize,collapsestatus,color,viewdetails,includecomplete) VALUES (
                       '%s','%s','%s','%s','%s','%s','%s','%s','Public','1','d-m-y','%s','%s','30','medium','1-1-1','%s','1','%s')",
                       gen_id(),
                       $username,
                       mysql_real_escape_string($pass),
                       $_SESSION['IZ_DEFAULTGROUP'],
                       $_SESSION['IZ_LANG'],
                       $_SESSION['IZ_MVIEWDAYSIZE'],
                       $_SESSION['IZ_FIRSTDAY'],
                       $_SESSION['IZ_CURTHEME'],
                       $_SESSION['defaultcategoryevents'],
                       $_SESSION['defaultcategorytasks'],
                       mysql_real_escape_string($colour),
                       $_SESSION['completedtodos']
                ));
              }
            } elseif(IZ_CALMODE == 'postgre') {
              pg_query(sprintf("INSERT INTO \"users\" (\"id\",\"name\",\"password\",\"usergroup\",\"language\",\"daysize\",\"firstdayofweek\",\"theme\",\"defaultstatus\",\"showall\",\"dateformat\",\"defaultcategoryevents\",\"defaultcategorytasks\",\"pageafter\",\"fontsize\",\"collapsestatus\",\"color\",\"viewdetails\",\"includecomplete\") VALUES (
                       '%s','%s','%s','%s','%s','%s','%s','%s','Public','1','d-m-y','%s','%s','30','medium','1-1-1','%s','1','%s')",
                       gen_id(),
                       $username,
                       pg_escape_string($pass),
                       $_SESSION['IZ_DEFAULTGROUP'],
                       $_SESSION['IZ_LANG'],
                       $_SESSION['IZ_MVIEWDAYSIZE'],
                       $_SESSION['IZ_FIRSTDAY'],
                       $_SESSION['IZ_CURTHEME'],
                       $_SESSION['defaultcategoryevents'],
                       $_SESSION['defaultcategorytasks'],
                       pg_escape_string($colour),
                       $_SESSION['completedtodos']
              ));
            } elseif(IZ_CALMODE == 'msq') {
              mssql_query(sprintf("INSERT INTO users (id,name,password,usergroup,[language],daysize,firstdayofweek,theme,defaultstatus,showall,dateformat,defaultcategoryevents,defaultcategorytasks,pageafter,fontsize,collapsestatus,color,viewdetails,includecomplete) VALUES (
                       '%s','%s','%s','%s','%s','%s','%s','%s','Public','1','d-m-y','%s','%s','30','medium','1-1-1','%s','1','%s')",
                       gen_id(),
                       $username,
                       mssql_escape_string($pass),
                       $_SESSION['IZ_DEFAULTGROUP'],
                       $_SESSION['IZ_LANG'],
                       $_SESSION['IZ_MVIEWDAYSIZE'],
                       $_SESSION['IZ_FIRSTDAY'],
                       $_SESSION['IZ_CURTHEME'],
                       $_SESSION['defaultcategoryevents'],
                       $_SESSION['defaultcategorytasks'],
                       mssql_escape_string($colour),
                       $_SESSION['completedtodos']
              ));
            }
          }
        }
      } else {
        $error .= '<p>'.ERR_ERRORTEXT.' &#35;616&#58; '.ERR_REGDISABLED.'</p>';
      }
      break;
    case 'changepass':
      izsql();
      if(saltpassword($_POST['oldpass']) != $_SESSION['passhash']) {
        $error .= '<p>'.ERR_ERRORTEXT.' &#35;624&#58; '.ERR_WRONGPASSWORD.'</p>';
      } else {
        if($_POST['newpass'] != $_POST['confpass']) {
          $error .= '<p>'.ERR_ERRORTEXT.' &#35;6125; '.ERR_CONFIRMPASSFAIL.'</p>';
        } else {
          $newpass = saltpassword($_POST['newpass']);
          $sql = "UPDATE users SET password = '$newpass' WHERE id = '".$_SESSION['uid']."'";
          if(IZ_CALMODE == 'mysql') {
            if($_SESSION['MYSQLi']) {
              global $dblink;
              $dblink->query($sql);
            } else {
              mysql_query($sql);
            }
          } elseif(IZ_CALMODE == 'postgre') {
            $sql = "UPDATE \"users\" SET \"password\" = '$newpass' WHERE \"id\" = '".$_SESSION['uid']."'";
            pg_query($sql);
          } elseif(IZ_CALMODE == 'msq') {
            mssql_query($sql);
          }
        }
// echo $sql.'<br>'.$_POST['oldpass'].'<br>'.$_POST['newpass'].'<br>'.saltpassword($_POST['newpass']);
      }
      break;
  }
}
if(isset($_REQUEST['from'])) {
  $newloc = str_replace("-","=",$_REQUEST['from']);
  $newloc = str_replace(".","&",$newloc);
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="includes/main.css" />
<link rel="stylesheet" type="text/css" href="includes/themes/<?php echo $_SESSION['IZ_CURTHEME']; ?>.css" />
<?php if(!$error) { ?>
<title><?php echo $_SESSION['IZ_CALNAME']." &#187; ".STR_SETTINGSSAVED; ?></title>
<meta http-equiv="refresh" content="1;url=index.php?<?php echo $newloc; ?>" />
</head>

<body>
      <div id="container">
      <div id="box">
      <?php echo STR_SETTINGSSAVED; ?>
      </div>
      <?php
      if($logout) {
        $_SESSION = array();
      } else {
//        $_SESSION = '';
      }
      if(!empty($warning)) {
        echo '<div id="warningbox">'.$warning.'</div>';
      }
      ?>
      </div>
<?php } else { ?>
<title><?php echo $_SESSION['IZ_CALNAME']." &#187; ".ERR_ERRORTEXT; ?></title>
</head>

<body>
<?php
if(!empty($error)) {
  echo '<div id="errorbox">'.$error.'</div>';
}
if(!empty($warning)) {
  echo '<div id="warningbox">'.$warning.'</div>';
} ?>
<?php } ?>
</body>
</html>
<?php } else {
  // Directly accessed
  header('Location: ../');
} ?>